git: 4f6edd4a4c2b - stable/13 - sctp: add KASSERTs to ensure correct handling of listeners
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 01 Feb 2023 23:25:41 UTC
The branch stable/13 has been updated by tuexen: URL: https://cgit.FreeBSD.org/src/commit/?id=4f6edd4a4c2b5ba498f6997357e63e02ea489073 commit 4f6edd4a4c2b5ba498f6997357e63e02ea489073 Author: Michael Tuexen <tuexen@FreeBSD.org> AuthorDate: 2022-06-27 17:04:45 +0000 Commit: Michael Tuexen <tuexen@FreeBSD.org> CommitDate: 2023-02-01 23:24:28 +0000 sctp: add KASSERTs to ensure correct handling of listeners This was suggested by markj@. (cherry picked from commit 121ecca0d82b4a5ccee1a8bb01e50b026a22bb3f) --- sys/netinet/sctp_usrreq.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/sys/netinet/sctp_usrreq.c b/sys/netinet/sctp_usrreq.c index 78ece9dd4641..d7a4d71760a8 100644 --- a/sys/netinet/sctp_usrreq.c +++ b/sys/netinet/sctp_usrreq.c @@ -452,13 +452,10 @@ sctp_abort(struct socket *so) sctp_inpcb_free(inp, SCTP_FREE_SHOULD_USE_ABORT, SCTP_CALLED_AFTER_CMPSET_OFCLOSE); SOCK_LOCK(so); + KASSERT(!SOLISTENING(so), + ("sctp_abort: called on listening socket %p", so)); SCTP_SB_CLEAR(so->so_snd); - /* - * same for the rcv ones, they are only here for the - * accounting/select. - */ SCTP_SB_CLEAR(so->so_rcv); - /* Now null out the reference, we are completely detached. */ so->so_pcb = NULL; SOCK_UNLOCK(so); @@ -843,14 +840,22 @@ sctp_flush(struct socket *so, int how) inp->sctp_flags |= SCTP_PCB_FLAGS_SOCKET_CANT_READ; SCTP_INP_READ_UNLOCK(inp); SCTP_INP_WUNLOCK(inp); + SOCK_LOCK(so); + KASSERT(!SOLISTENING(so), + ("sctp_flush: called on listening socket %p", so)); SCTP_SB_CLEAR(so->so_rcv); + SOCK_UNLOCK(so); } if ((how == PRU_FLUSH_WR) || (how == PRU_FLUSH_RDWR)) { /* * First make sure the sb will be happy, we don't use these * except maybe the count */ + SOCK_LOCK(so); + KASSERT(!SOLISTENING(so), + ("sctp_flush: called on listening socket %p", so)); SCTP_SB_CLEAR(so->so_snd); + SOCK_UNLOCK(so); } return (0); }